Posted
by
kdawson
on Monday July 20, 2009 @06:41PM
from the many-mice-and-one-big-cat dept.

alphadogg sends in a Network World piece on the unexpectedly effective technologies Iran is now employing to thwart their citizens' access to the Net. "While the government's initial efforts to censor the Internet were blunt and often ineffective, it has started employing more sophisticated tools to thwart dissidents' attempts to communicate with each other and the outside world. Iranian dissidents are not alone in their struggle, however, as several sympathetic hacker groups have been working to keep them online. One such group is NedaNet, whose mission is to 'help the Iranian people by setting up networks of proxy severs, anonymizers, and any other appropriate technologies that can enable them to communicate and organize.' NedaNet project coordinator Morgan Sennhauser, who has just written a paper detailing the Iranian government's latest efforts to thwart hackers (PDF), says that the government's actions have been surprisingly robust and have challenged hackers in ways that the Chinese government's efforts at censorship have not."

It is really awesome hear about the international collaboration of non-government, non-business entities working together to overcome tyranny. I'd like to wish those oppressors a sarcastic "good luck" in stifling the ingenuity of people all around the world. As for the Iranian people, kudos on being a continuously painful thorn in your government's side.

Who says that this are non-government, non-business entities? I'm quiet sure that the pentagon and other US services will waste no time and join this effort if it wasn't created by them in the first place.
In my view the US has been the oppressor in this case as it has been feeding unproven and highly unreliable information in order to provoke violence in the enemy camp. I wouldn't be surprised if they are steering Mousavi too.

Hey! Bored, and waiting for a phone call, so I figured, what else to do but reply to the comments on slashdot!

1) Right now we recommend Tor, we're testing out some other solutions that will be more easily integrated into how people are already using their computers. Dumb down the client requirements as much as possible. However, it's hard, since any solution is temporary- it's just a matter of how temporary. That said, we do have a few tools used for specific purposes inside Iran, however they're quite

Full disclosure: Haystack is not a NedaNet project. There are a lot of differences in how NedaNet and Media Access International (the organization behind Haystack) handle their projects, based on different opinions and philosophies when it comes to keeping the communication open and secure.
--emsenn, project coordinator, NedaNet (http://emsenn.com)

I don't actually like the NedaNet name, and we're going to be changing it soon, since there's an American company with the name already.
If I had to say our principal belief, it'd be something like "working to keep communication open, secure, and anonymous", or something like that.

And who is providing the Iranian government with the technical know-how to implement these censoring measures?

Is it private consultants? Is it foreign governments?

Is there sufficient know-how within Iran's pro-government citizenship to effect the censorship?

I'm very curious who, if anyone, is helping Iran's government do this. Because I do control a decent amount of spending, and I'd like to know if there's anyone I do business with that I should think twice about renewing contracts with. I'd be disappointed, and more than a bit shocked, if any of my suppliers are helping Iran do this. But there is precedent [ibmandtheholocaust.com]. And my (and my employer's) dollars can speak a lot louder than this comment.

Nokia-Siemens are basically stating (correctly) 'we didn't do anything there that we aren't required to do elsewhere.' That's all well and good, but it doesn't address the fundamental question: Is what they did in Iran (and do elsewhere) the Right Thing?

The whole question about how - and when, and who - to intercept in the context of the Internet is particularly troubling. Here's an excerpt from a longer piece [imagicity.com] I wrote about the situation:

Nokia-Siemens, defending its role in the creation of a centralised mobile telecommuncations network, stated recently that:

In most countries around the world, including all EU member states and the U.S., telecommunications networks are legally required to have the capability for Lawful Intercept and this is also the case in Iran. Lawful Intercept is specified in standards defined by ETSI (European Telecommunications Standards Institute) and the 3GPP (3rd Generation Partnership Project).

Yes, decentralised communications come at a cost. They make surveillance efforts of all kinds more difficult. The two competing questions we need to ask ourselves are:

How far are we willing to compromise ourselves in the pursuit of state security?

How much are we willing to compromise state surveillance capability in order to protect our own freedom to communicate?

These are knotty issues with complex and often subtle ramifications on society. They demand a level of public engagement on the principle - and more importantly, the practice - of free speech that we havenâ(TM)t seen since the Red Scare of the 1950s.

And who supplies the FBI and NSA's intercept software and hardware for all their warrentless wiretaps?

the Iranian country is small for internet access, and they have carefully controlled it from the beginning. The trick here is the no one can actually say anything as the same hardware and software is even used for LEGAL wiretaps by just about everybody. What is needed is for someone to make a second Internet and trick the world into using it before governemetns realize they can't control it.

And what if they're using *gasp* linux. A local coffee shop I frequent use many of the same techniques to try to stop people from downloading torrent files after getting a couple infringement notices. They do it via a Gentoo linux box and off the shelf FOSS tools. They don't do the DPI or SPI, but everything else, such as QoS, blocking ports, and IP blocks they do and it doesn't take a super consultant to set it up. I know the kid who set up this box. He's knows enough to do it, but isn't any type of super genius.

Can you get around the blocks here at the shop? Yes, but only if you know what you're doing. I can do it. I know a couple others who can as well, but 95% of the people sipping coffee around me don't have a clue. And it's enough to thwart the average attempt to use services like limewire and Bit Torrent.

It's quite possible that they're using tools they are implementing without outside help. But given the scope of the project, and the increase in effectiveness, I'd expect that they've hired someone to help.

What are you saying there aren't smart, technical savvy people inside Iran, some of whom may work for their security services? There are fairly bright people all over this earth, and they all different ideas of "right/wrong". SIGINT's price tag has come down a lot thanks to commodity hardware and community software. I'm willing someone somewhere in their intelligence apparatus saw this coming, had the tools, but had to have the right time to show case their talents. And given Iran's nature of wanting to

So what if they use Linux? Linux is but a tool. It's purpose, benign or otherwise, is always defined by the human using it. A hammer can be a home-improvement helper device or a deadly weapon depending on who's swinging it and at what. The hammer's still just a hammer.

And my (and my employer's) dollars can speak a lot louder than this comment.

The great thing about the internet is that your comment can speak louder. Maybe your comment convinces someone to do a little digging and find out who is helping Iran. After that ten other people, maybe some with even greater spending power than the yourself hear about this and follow suit. These people tell other people and a movement is born, Iran is finally reformed. All because of your comment. Now this is starting to sound like a Hallmark film.

And who is providing the Iranian government with the technical know-how to implement these censoring measures? Is it private consultants? Is it foreign governments?

This is a good question. I've asked a few people and no one is fessing up to suppling Iran publicly. I've worked in that particular industry so I have some good contacts who should know. We know they use software from CA based Secure Computing, but the company denies having sold them a license so it seems they're just pirating the software. The Nokia Siemens partnership is selling them some gear but denies selling them monitoring software for anything other than cell phone networks.

Is there sufficient know-how within Iran's pro-government citizenship to effect the censorship?

There is a surprising amount of network traffic shaping and monitoring software related to the middle east. Half the startup companies in the business a few years ago had founders educated in Israel. It is possible, therefor that the locals do have such knowledge, but on the other hand the Israelis and Iranians don't really get along (understatement of the year nomination please).

And my (and my employer's) dollars can speak a lot louder than this comment.

I'm all in favor of accountability. I'd like to think the press would be competent enough to figure do some serious investigation of this and that the US government would make sure any companies involved were exposed as such to the public as well as subjected to punishments for doing business there (at least being unavailable for US contracts for a few years). I'm afraid I've become more of a cynic iver the last decade and I have little faith in either the press or the US government to push for the truth and hold people accountable. But seeing as most of the public has the attention span of a fruit fly and doesn't care enough to vote based upon such things anyway, I suppose we get what we deserve.

Accountability, the man says? Where is the media? Are they ALL in bed with the politicos?

The fact is, politicians have not only enabled monitoring and censorship, they have mandated it. There is no reason in the world to think that only "good guys" will have those weapons. Monitoring and censorship are a little like guns and knives - good guys might have them, bad guys WILL have them.

The accountability for repressive technology begins in the UK's ministries, and in the US' congress and senate, and we can

"I'm all in favor of accountability. I'd like to think the press would be competent enough to figure do some serious investigation of this and that the US government would make sure any companies involved were exposed as such to the public as well as subjected to punishments for doing business there (at least being unavailable for US contracts for a few years)"

The problem with this is that the US government doesn't do it fairly.

Look at the Senators who complained about Nokia/Siemens selling stuff to Iran un

It's likely their own internal IT guys with off the shelf hardware doing it. It doesn't take a genius nor a ton of money to do what they're doing. Having setup QOS in Linux and seeing the capabilities of various other projects, it's quite trivial.

The packet inspection? Likely http://l7-filter.sourceforge.net.Where's the QOS coming from? Just the built in Linux kernel stuff that comes with every distribution.Want to monitor and log all of that and be able to search it? http://www.ntop.orgWant to block stuff

"And who is providing the Iranian government with the technical know-how to implement these censoring measures?"
?
And why would you think Iran needs any non-Iranian consultancy or gov to implement those technologies? Do you really believe that Iranians don't have any know-how of their own?

You can already stop buying Cisco products then, as they are doing the filtering of China (and using that technology to help ISPs throttle specific protocols, in Western countries, in case you're into the 'net neutrality' combat). Unless you care only about Iran internet filtering. Actually, I'm pretty sure you'll stop buying products from anyone pretty soon as they most likely all do business with China or Iran. If only Iran is your concern, I'd look at Israel vendors as I'm pretty sure they don't do busin

"China has several gigabytes per second of traffic to deal with and has a lot more international businesses," he says. "They can't be as heavy-handed with their filtration. The Iranians aren't as concerned about thatâ¦ so they get to use all these fancy toys that, if the Chinese used them, could cripple their economy."

I myself ordered Chinese products from sites using SSL. I don't think even they would be crazy enough to turn down money - but it seems Iran's leaders are. Are they going North Korea style? At least Chinese have a positive side to their repressive government. They have the money, they'll transform that to power and influence. Iran's policy is VERY bad for business - who seem to really WANT their people to be poor and unemployed. Which also leads to emigration of smart, competent and anybody willing to work. So yes, killing protesters and having a idiotic clerical fascistic system will make Iran poor and irrelevant in time. Countries with saner systems will benefit from importing their disgruntled intellectual elite - because smart people might be more tolerant by average, but also have lower tolerance for being served hypocritical crap.

Iran and China are not the same thing. Iran's government is much more repressive. It's not a technology issue. It's a repression issue. The "quote" acts like China and Iran are apples to apples and if China could do it too, they would. Just because China is repressive doesn't mean all repression is equal, and that they and Iran are two equals on a scale of *free -to- enslaved* . It's like when people try to compare to US to Iran because you can cherry pick incidents from each country and draw parallels. It'

Democratic regimes that see their own countries' intellectual elite as an enemy are not really democratic. If you're trying to make your own people dumber by average so you could rule them more easily.. that is base premise for any authoritarian / fascist / fanatic form of government. Not (true) democracy.Government in my (small European) country recently spent millions of euros for building number of sport arenas we don't need. Now, crisis is here, and they are "cutting corners" by stopping the free schoo

So yes, killing protesters and having a idiotic clerical fascistic system will make Iran poor and irrelevant in time.

As someone who fled for exactly those reasons, I fully agree with whole of your comment, except that little bit about a clerical fascistic system.

The recent "election" (read coup) was the beginning of transformation of Iran from a theocratic oligarchy into a military dictatorship. Otensibly, Khamenei and a few select clerics hold some power, but in reality, revolutionary guards' commander

I think I address this in http://emsenn.com/SoIC.pdf [emsenn.com] but if not, here it is again:
Iran has a lot less to lose by cutting Internet. Businesses there treat Internet as a luxury, not a necessity the way companies here or in Asia do.

If there exists any means of communication that is not blocked, that means can be subverted to support every form of communication. As a result, any partial technological block will inevitably be defeated.

The alternative to censorship is self-censorship - alter society such that it no longer wants to communicate in such-and-such a form, or to transmit such-and-such information. This has mixed results. Certainly, China and Iran haven't done well in convincing their citizens not to communicate with the outside world. On the other hand, the Pitcairn Islanders are not exactly broadcasting the facts behind the crimes of the power-brokers there.

I guess the difference is that all the Pitcairn Islanders are, to some extent, guilty of the crimes that only a handful were actually convicted for, and talking could lead to their conviction as well. On the other hand, dissidents in Iran and China don't see themselves as guilty of the crimes of their leadership and so have no need to protect themselves.

(One wonders how many other people have been silent of things they should have spoken up over, to avoid being convicted. It's a part of the censorship debate that IS important, as it is the only part that cannot be technologically circumvented. Well, not until mind-reading machines have been developed.)

In a way, I guess the Iranian censorship technology is a good thing, in that it seems to be pressing the technologists more, forcing them to come up with cleverer solutions. It's good for the mind and may, someday, lead to Iranian inventors and innovators gaining some clout in the world. Adverse conditions tend to produce some brilliant minds.

The Iranian, Farsi speaking people have a complex and fascinating history. Farsi, like English, is an Indo-European language, and, the Persian Empire could be said to be the catalyst driving the birth of Europe. The Spartan and Athenian alliance bringing the victory of the Persian Wars was thought by the Greeks to be caused by the Gods as the Persians were seen as Asians and, it was thought, the Gods would never allow one people to rule both Europe and Asia. The matter grows complex as Alexander Hellenized the Persian world. Although in Persia lower caste people would abase themselves before someone seen to be a superior, but the Greeks only bowed to a God and thus the Persian custom was seen as Alexander elevating himself to the ranks of the Gods. But for my money the big fillip was introduced, perhaps by the Jews, when sin was passed from the King to the people. Some ancient civilizations were known to have beaten the statues of Gods when things went wrong and, further down the road, Kings and priests were punished when things went wrong as it was thought they were custodians and servants of the Gods and thus responsible if the Gods should be made angry. Some tyrant, somewhere, came up with the truly remarkable idea that if sin was ascribed to the people s/he ruled, then, if the Gods punished the people it was the peoples fault. This ascription of sin to the populous was one of the neatest tricks a ruling elite ever effected on an enslaved population. I think all western theocracies are supported by this central idea, that each person is born into sin and is a sinner and thus accountable for anything and everything that goes wrong.

We're creatures of context and our ideologies are drawn from and enforced by the symbols that surround us. From this it follow that freedom of speech is fundamental to democracy and personal growth. If Iran is to grow and the Iranian people free themselves, then they must always have available to them the symbols of freedom.

Just my loose change, btw "hello", a decade or so ago we exchanged what I enjoyed as some interesting posts here when I was new to Linux and/., but that was another incarnation.

And a hello back.:) I hope we have many more interesting conversations. Your post here, incidentally, is fascinating and gets into some of the social/historical aspects of control that I'd not been aware of. Thank you!

Though the parent family of English is "Indo-European", English is actually classified as a "West Germanic" language (belongs to the western sub-branch of the Germanic branch of the Indo-European family of languages). The reason English has a lot of resemblance to Romance languages (when it comes to vocabulary) is because of the drastic change that the language underwent during the Norman invasion of England. The closest living relative of English is the Fris

Not if the government decrees and installs mandatory censorship backdoor software/hardware on every communication device sold. Passing laws for that to happen in the name of the children or the security or freedom is easier than we think. It will probably be called Free Speech Protection or something similar.

Then, even though communication around it will be theoretically possible, the threshold will be high enough from technical standpoint and if tampering with the device is punishable with harsh enough measures, then few enough people will make efforts to go around it, which is few enough from the governing entity's standpoint.

Possible future solutions are being beta tested in places like UAE, China, Korea, and now Iran.

And speaking of bright minds, history shows that oppressive governments never mind putting a bullet through one.

I feel sad for their people. However, the solution has to come from within. Now that USA has freed itself from the tyranny of the extreme right, we can hope that Iran can do the same. Remember, regimes do fall, often with no violence or war.

Those that fall without violence generally (but not universally) do better than those that fall with violence. Violent revolutionaries tend to fear being replaced by yet other violent revolutionaries, which can lead to ever-increasing oppression. This is not a universal rule.

The closest thing that there is to a universal rule is that societies are better off for solving their own problems, rather than having a solution imposed. Especially if the imposer and imposee are culturally and/or technologi

The simplest way to bypass hardware monitoring devices is to hide your message inside an innocuous message. Plain-text stenography has been around a long time. Have the important letters follow a known series, then fill in the gaps such that the message appears to be genuine and innocent.

You can also use non-technical solutions, such as using phospher-based invisible ink. You can get this past censors by using an ink that IS visible but is based on something that sublimates at room temperature. The visible

As a result, any partial technological block will inevitably be defeated.

You assume that you have an unlimited number of retries to work around the block, but you don't. Circumvention tries can be traced and you will get locked up before you can get your message out. You also don't have to block, you can do white-listing instead, which is a lot harder to work around. Smuggling an SD card might in the end be easier way to get stuff out then trying to do it directly via the Internet, as the real world is a good bit harder to trace.

If there exists any means of communication that is not blocked, that means can be subverted to support every form of communication. As a result, any partial technological block will inevitably be defeated.

People like to think in a boolean fashion, because it limits the number of things to think about. Something is "secure" or it isn't. Except that the real world doesn't work that way.

You lock the doors when you go to bed at night, but does that offer any real security when a craptastic $1 hammer at the loca

Is one of the technologies forcing all traffic through a single Microsoft Proxy Server on an NT4 server with 128mb ram and a scorching celeron 366 to round out the "Internets" Congestion System? Just sayin...

I can't be bothered with an on-line PDF-file — is voting fraud [slashdot.org] on the list? Because the Honduran fraudster got the backing [thehill.com] of the current US Administration... Someone needs to tell the mullahs, that the easiest way to the heart of America's President may lie through something, that they already doing...

What if to move every day a hard-disk, say 1 or 2 TB, for sort of a http proxy via the border.

While outside the firewall, download on it websites, which may be of an interest and serve them from within of your office or home LAN.

Yes, so far, such a hard disk is still detectable. But if memory volume of a flash drives will continue to grow, I can imagine a point of time, when the whole Internet, or at least forbidden Internet, could be carried over the border on a minuscule flash drive. Which then is plu

Interesting that IP blocking would be the first item on the list. That alone should make all proponents of such blacklists even in self-declared democratic countries think very hard about it. Personally I am strictly opposed to it and I don't care if it's "just for child pornographers" as recently implemented in Germany. My experience has shown, that the people calling for, legislating and implementing such censorship technologies don't know where to stop. Once they have grabbed a tiny slice of power over o

It's a good job we have someone sensible and balanced with an eye for the nuances of politics on the job, rather than a weirdo who has believed he's on a Jihadi hit-list since 2006 [ibiblio.org], and who is packing a gun 24-hours-a-day loaded with bullets soaked in pork fat [nedanet.org] (maybe he thinks it makes them more effective in some werewolf-silver way, or maybe he's just really good at offending the people he says he's trying to help...)

Yes, Iran has a long history of attacking other countries in wars of aggression so claiming peaceful use is a farce.Nuclear technologiy is only safe with peaceful countries who have never lead any wars of aggression or used WMD, like say the U.S.A. and Germany.

iran itself didnt directly attack any other country, but have been perpetrating civil wars in half of the neighboring countries through funding, training extremist groups. they use lebanese hezbollah as a police force in iran even. it has become THAT institutionalized. iran is basically one of the two sides in the lebanese civil war that lasted for around 30 years, through hezbollah. and now, in palestine, they are a party through hamas. in iraq they have been funding and directing shiites. a considerable p

Second, i live in a country that is neighboring iran, and having to cope with what shit that country perpetrates. i dont give a zit about astroturfing.

third, you are in desperate need of coming to the realization that not every idea/info/speech that sounds hard&tough, down to earth, or harsh regarding some reality is some conservative lunatic's ranting. there are people with evil intent in life, there are countries that are run by fascists, an

third, you are in desperate need of coming to the realization that not every idea/info/speech that sounds hard&tough, down to earth, or harsh regarding some reality is some conservative lunatic's ranting. there are people with evil intent in life, there are countries that are run by fascists, and there are wars. get to grips with it.

No shit. Why do you think I didn't actually call you a Republican astroturfer?